Beware: Targeted Attacks on iPhone Users are a Thing | Lookout Blog

In-brief: Lookout said it identified an active threat that was using three critical iOS zero-day (that is: previously unknown) vulnerabilities. When exploited, the three vulnerabilities “form an attack chain that subverts even Apple’s strong security environment.”

Working with both Citizen Lab at the University of Toronto and Apple’s Security Team, Lookout said it uncovered an active threat that was using three critical iOS zero-day (that is: previously unknown) vulnerabilities. When exploited, the three vulnerabilities “form an attack chain that subverts even Apple’s strong security environment.”

Lookout is calling the holes “Trident” and worked with Apple to issue fixes for them, which were pushed out with the recent iOS 9.3.5 update. From Lookout’s blog:

Trident is used in a spyware product called Pegasus, which according to an investigation by Citizen Lab, is developed by an organization called NSO Group. NSO Group is an Israeli-based organization that was acquired by U.S. company Francisco Partners Management in 2010, and according to news reports specializes in “cyber war.” Pegasus is highly advanced in its use of zero-days, obfuscation, encryption, and kernel-level exploitation.

Holes in the iOS operating system are highly valued by cyber criminal groups and gray market cyber arms dealers, because of the widespread use of the iPhone and the difficulty of compromising Apple’s mobile OS. The firm Zerodium made headlines in 2015 by offering $1 million for working exploits of previously undiscovered, remotely exploitable holes in iOS.

Author: Paul
I'm an experienced writer, reporter and industry analyst with a decade of experience covering IT security, cyber security and hacking, and a fascination with the fast-emerging "Internet of Things."